From d005ede12e1da99dc077bf9e1c563a0f9f4066e3 Mon Sep 17 00:00:00 2001
From: Pranith Kumar K
Date: Mon, 19 Mar 2018 12:09:18 +0530
Subject: [PATCH 667/675] features/shard: Do list_del_init() while list memory is valid
> Upstream: https://review.gluster.org/19737
> BUG: 1557876
> Change-Id: If429d3634219e1a435bd0da0ed985c646c59c2ca
Problem: shard_post_lookup_fsync_handler() goes over the list of inode-ctx that need to be fsynced and in cbk it removes each of the inode-ctx from the list. When the first member of list is removed it tries to modifies list head's memory with the latest next/prev and when this happens, there is no guarantee that the list-head which is from stack memory of shard_post_lookup_fsync_handler() is valid.
Fix: Do list_del_init() in the loop before winding fsync.
Change-Id: If429d3634219e1a435bd0da0ed985c646c59c2ca
BUG: 1585046
Signed-off-by: Pranith Kumar K
Reviewed-on: https://code.engineering.redhat.com/gerrit/140483
Tested-by: Krutika Dhananjay
Tested-by: RHGS Build Bot
Reviewed-by: Sunil Kumar Heggodu Gopala Acharya
---
 xlators/features/shard/src/shard.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xlators/features/shard/src/shard.c b/xlators/features/shard/src/shard.c
index 68d1a3a..651d08a 100644
--- a/xlators/features/shard/src/shard.c
+++ b/xlators/features/shard/src/shard.c
@@ -4525,7 +4525,6 @@ out:
 if (op_ret == 0) ctx->fsync_needed -= fsync_count;
 GF_ASSERT (ctx->fsync_needed >= 0);
- list_del_init (&ctx->to_fsync_list);
 if (ctx->fsync_needed != 0) {
 list_add_tail (&ctx->to_fsync_list, &base_ictx->to_fsync_list);
@@ -4600,6 +4599,7 @@ shard_post_lookup_fsync_handler (call_frame_t *frame, xlator_t *this)
 anon_fd = NULL;
 list_for_each_entry_safe (iter, tmp, ©, to_fsync_list) {
+ list_del_init (&iter->to_fsync_list);
 fsync_count = 0;
 shard_inode_ctx_get_fsync_count (iter->inode, this, &fsync_count);
--
1.8.3.1
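Review bot: The added `list_del_init (&iter->to_fsync_list);` at the top of the loop in shard_post_lookup_fsync_handler() has no comment, and nothing in the code says why the unlink must happen here rather than in the callback. Per the commit message the list head is in this function's stack memory and the callback can unlink entries when that memory is no longer guaranteed valid, so the old placement could write through a stale stack address. I would add `/* Unlink here: the list head is on this stack frame and may be gone by the time the fsync cbk runs. */` above the line so the unlink is not moved back later. In the first hunk the callback now reaches `list_add_tail (&ctx->to_fsync_list, &base_ictx->to_fsync_list);` without unlinking first, so it relies on every path into it having removed the entry already; a `GF_ASSERT (list_empty (&ctx->to_fsync_list));` before the re-add would catch a still-linked node, assuming `list_empty` is available in this tree's list header. Both functions continue outside the hunks, so other callers of the callback cannot be checked from here.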